I’m a huge fan of Synology NAS units, not so much of the camera licenses, but that’s a minor niggle and for another time. I recently found my root password appeared to have been changed, but I didn’t remember changing it. I rarely log in to the root account, so it could have been altered a while ago.
Instantly I assumed I had been compromised, so I logged in as Admin via SSH using PuTTY and changed the root password. Next I logged in to DSM (the Synology OS) as the Admin user, checked the firewall, and went to Auto Block, finding a few IP addresses on the list, but the last one dated back months. It was entirely possible it had been that long since I last logged in as root. I checked for other “users” and ran various other security checks, and all seemed OK.
Once the Red Alert had subsided and I was back to Amber Alert, I started to look around on the net and found many comments to the effect of “my root password has changed” and “my root account is blocked”, and with some further digging found references to the last major DSM update, which was DSM 6.0.
DSM 6.0 Root Password Change
It seems something DSM 6.0 did caused the root passwords of a reasonable number of Synology owners to either change, become corrupt or expire. The solution was to simply change the root password to a new one or back to the old one (I would NEVER recommend the latter). I had inadvertently already done this with my first reaction, so had already fixed it on that particular server.
It dawned on me that lots of users wouldn’t find this nugget of information or know how to do this, since the reason you buy Synology is so you don’t have to get knee deep in Linux but still have all the power, so I figured I’d blog it.
Exactly what you type into the prompt is in bold, and hit enter after each command.
- Using PuTTY, enter your server’s IP (probably 192.168.0.2, or enter your server’s hostname).
- Enter username as **admin**.
  (if you have changed your admin user’s name, change it here)
- Enter your admin password (same as used to access DSM).
- Enter the command **sudo su**.
  (this upgrades you to SuperUser)
- Enter admin password again when prompted.
- Enter the command **synouser --setpw root 'newpassword'**.
  (use the single quotes around the password)
- Enter **exit**, this returns you to normal user.
- Enter **exit**, this closes PuTTY.
You can now log in as the root user once again. I highly recommend using 2 different passwords for the Admin and Root users.
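To tell a changed, locked or expired root password apart before resetting it, the root entry in the shadow file can be inspected. The script below is an added example, not part of the original post; it assumes DSM keeps root in the standard Linux `/etc/shadow` layout, the function name `shadow_status` is hypothetical, and the sample entry is constructed.

```shell
#!/bin/sh
# shadow_status LINE TODAY
#   LINE  - one shadow entry: name:hash:lastchg:min:max:warn:inactive:expire:
#   TODAY - current date as days since 1970-01-01
# Prints "<state> <days since the password was last changed>"
# ("-" when no last-change date is recorded).
shadow_status() {
    line=$1
    today=$2
    # read splits on ":" and keeps empty fields; the here-doc avoids
    # re-expanding "$" or "*" characters contained in the entry.
    IFS=: read -r name hash lastchg min max warn inactive expire rest <<EOF
$line
EOF
    if [ -n "$lastchg" ]; then age=$((today - lastchg)); else age=-; fi

    case $hash in
        '')          state=no-password ;;  # empty hash field
        '!'*|'*'*)   state=locked ;;       # no usable password hash
        *)           state=ok ;;
    esac

    if [ "$state" = ok ]; then
        if [ "$lastchg" = 0 ]; then
            state=must-change              # change forced at next login
        elif [ -n "$expire" ] && [ "$today" -ge "$expire" ]; then
            state=account-expired          # account expiry date reached
        elif [ -n "$lastchg" ] && [ -n "$max" ] \
             && [ "$today" -gt $((lastchg + max)) ]; then
            state=password-expired         # maximum password age exceeded
        fi
    fi
    echo "$state $age"
}

# Constructed sample entry (not a real hash): changed on day 16900, max age 90.
sample='root:$6$constructed$notarealhash:16900:0:90:7:::'
shadow_status "$sample" 17000

# On the NAS, as root, the real entry would be checked with:
#   shadow_status "$(grep '^root:' /etc/shadow)" "$(( $(date +%s) / 86400 ))"
```

The second value is how many days ago the password field was last written, which can be compared against the date the DSM update was installed.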
Synology has a feature called “Auto Block” which automatically blocks IP addresses when they get the password wrong a number of times. You can find this under the Security tab in DSM. You may find your local network IP (192.168.0.*), or wherever you tried to access root from, has been blocked, so it’s as well to check here and remove your IP, remembering to save your changes.
Otherwise you may find your PuTTY connection being refused or randomly disconnected, as happened on one of my units.